Safe Browsing with Qualys BrowserCheck

A best practice for safe browsing is to keep your browsers and plug-ins up-to-date with the latest security patches. Individuals can easily check and update their browsers and plug-ins with Qualys BrowserCheck, and new multi-browser scanning improves that process.

Organizations can manage the use of BrowserCheck by their end-users and track the overall state of their browser security with BrowserCheck Business Edition. The new asset features in BrowserCheck Business Edition allow organizations to drill down into specific Microsoft Windows assets, and to more easily identify and update systems running older browser and plug-in versions.

Scan Multiple Browsers

On Windows, the new BrowserCheck helps users running multiple browsers to check all of their browsers in a single scan, for both standalone BrowserCheck and BrowserCheck Business Edition. Users can then tab through the results for each browser and fix any vulnerable or out-of-date components, regardless of browser. This is convenient since users typically run multiple browsers, in our example Internet Explorer, Google Chrome and Opera (with Opera sporting a vulnerability) and no longer need to scan each one individually.

Windows users can also select an option to run system checks that analyze anti-virus (AV), firewall (FW), and Windows updates (WU) settings. Recommended actions are displayed on a separate tab (System Checks) in the results.

Assets

In the Business Edition Admin panel, the new Asset tab organizes BrowserCheck scan data by asset, making it easy for IT admins to identify which assets have insecure components. Scan data is sortable by number of issues, time of last scan, IP address, platform, user and asset name, and it can be filtered by browser type and plug-in, to help administrators investigate issues affecting subsets of assets.

Clicking on an asset drills into the detail of the latest scan, and a drop-down allows you to see the same detailed drill-down of previous scans run on the asset.

Anywhere you can see information on a specific asset, you can choose to ignore the asset and it will be removed from the data set. This is useful when a user in your organization forwards your organization’s BrowserCheck URL to someone outside the organization, whose system you don’t want to track.

Dashboard

The new Current Status of Windows Assets view on the Dashboard tab shows the top 10 insecure assets in the organization, as well as a graph summarizing the security status of all assets.

Business Edition Admin Settings

The BrowserCheck Business Edition administrator can enable or disable multi-browser scanning and system checks for users in their organizations if they want to focus users on their current browser and its plug-ins.

The administrator can also hide the results of individual scans from end-users. This is useful if the administrator needs to perform browser checks where the users aren’t authorized to update their own systems.

And finally, the administrator can change the company name displayed at the top of the BrowserCheck page.

Note: Asset data is only available for scans run on Microsoft Windows systems. Tracking data by asset requires the BrowserCheck plug-in, which records asset identification information, and the plug-in is only available on Windows systems. Scans run on non-Windows systems collect data via JavaScript, and the JavaScript-based version does not collect this information.